CyberSec.Space Logo
Back to CVE Browser

CVE-2010-3608

HIGH
7.5
CVSS Severity Score
EPSS Score0.1560%
EPSS Percentile32.96th
PublishedSep 24, 2010
Last ModifiedApr 29, 2026

Vulnerability Description

Multiple SQL injection vulnerabilities in wpQuiz 2.7 allow remote attackers to execute arbitrary SQL commands via the (1) id and (2) password (pw) parameters to (a) admin.php or (b) user.php.

Affected Platforms (CPE)

πŸ“¦
Wire Plastic Design

Wpquiz

= 2.7

References & Advisories

πŸ”— http://packetstormsecurity.org/1009-exploits/wpquiz27-sql.txt
πŸ”— http://www.exploit-db.com/exploits/15075
πŸ”— http://www.securityfocus.com/bid/43384
πŸ”— http://packetstormsecurity.org/1009-exploits/wpquiz27-sql.txt
πŸ”— http://www.exploit-db.com/exploits/15075
πŸ”— http://www.securityfocus.com/bid/43384

Related Vulnerabilities

CVE-2007-617210.0

Multiple SQL injection vulnerabilities in wpQuiz 2.7 allow remote attackers to execute arbitrary SQL commands via the id parameter...

CVE-2004-17047.5

WpQuiz 2.60b1 through 2.60b8 allows remote attackers to gain privileges via a direct request to adminrestore.php in the extras dir...

CVE-2010-355210.0

Unspecified vulnerability in the New Java Plug-in component in Oracle Java SE and Java for Business 6 Update 21 allows remote atta...

CVE-2010-308510.0

The network-play implementation in Mednafen before 0.8.D might allow remote servers to execute arbitrary code via unspecified vect...